<?php
ob_start();
session_start();
include('includes/connect.php');
$user = $_POST['username'];
$password = $_POST['password'];

$query2  = "SELECT * FROM users where username='".trim($user)."'";
			$result2 = mysql_query($query2);
			if(mysql_num_rows($result2)!="")
			{ 
				while($row2 = mysql_fetch_assoc($result2))
				{

					if(trim($password)==trim($row2['password']))
					{ 
						$_SESSION['user_id']= $row2['user_id'];
						$_SESSION['fname']= $row2['fname'];
						$_SESSION['lname']= $row2['lname'];
						$_SESSION['address']= $row2['address'];
						$_SESSION['phone']= $row2['phone'];
						$_SESSION['mob']= $row2['mob'];
						$_SESSION['username']= $row2['username'];
						$_SESSION['password']= $row2['password'];



						if(isset($_SESSION['url'])) 
						   $url = $_SESSION['url']; 
						else 
						   $url = "dashboard.php"; 

							header("Location: $url");
						//header("Location: dashboard.php"); 
					}
					else
					{ 
						header('Location:login.php?er=1');
					}
				}
			}
			else
				{ 
					header('Location:login.php?er=2');
				}
				
	/*if($_POST['usertype']=='1')
	{
		$query  = "SELECT * FROM experts where experts_username='".trim($user)."'";
		$result = mysql_query($query);
		if(mysql_num_rows($result)!="")
		{ 
			while($row = mysql_fetch_assoc($result))
			{

				if(trim($password)==trim($row['password']))
				{ 
					$_SESSION['experts_id']= $row['experts_id'];
					$_SESSION['experts_fname']= $row['experts_fname'];
					$_SESSION['experts_lname']= $row['experts_lname'];
					$_SESSION['experts_address']= $row['experts_address'];
					$_SESSION['country']= $row['name'];
					$_SESSION['experts_phone']= $row['experts_phone'];
					$_SESSION['experts_mob']= $row['experts_mob'];
					$_SESSION['experts_username']= $row['experts_username'];
					$_SESSION['password']= $row['password'];
					header("Location: expert.php"); // perform correct redirect.
				}
				else
				{ 
					header('Location:login.php?er=1');
				}				
			}
		}
		else
		{ 
			header('Location:login.php?er=2');
		}
	}

	
		elseif($_POST['usertype']=='2')
		{
			$query1  = "SELECT * FROM vendors where vendors_username='".trim($user)."'";
			$result1 = mysql_query($query1);
			if(mysql_num_rows($result1)!="")
			{ 
				while($row1 = mysql_fetch_assoc($result1))
				{
					if(trim($password)==trim($row1['password']))
					{ 
						$_SESSION['vendors_id']= $row1['vendors_id'];
						$_SESSION['vendors_fname']= $row1['vendors_fname'];
						$_SESSION['vendors_lname']= $row1['vendors_lname'];
						$_SESSION['vendors_address']= $row1['vendors_address'];
						$_SESSION['vendors_phone']= $row1['vendors_phone'];
						$_SESSION['vendors_mob']= $row1['vendors_mob'];
						$_SESSION['vendors_username']= $row1['vendors_username'];
						$_SESSION['password']= $row1['password'];
						header("Location: viewvendors.php");// perform correct redirect.
					}
					else
					{ 
						header('Location:login.php?er=1');
					}
				}
			}
			else
				{ 
					header('Location:login.php?er=2');
				}

		}


		elseif($_POST['usertype']=='3')
			{
			$query2  = "SELECT * FROM users where username='".trim($user)."'";
			$result2 = mysql_query($query2);
			if(mysql_num_rows($result2)!="")
			{ 
				while($row2 = mysql_fetch_assoc($result2))
				{

					if(trim($password)==trim($row2['password']))
					{ 
						$_SESSION['user_id']= $row2['user_id'];
						$_SESSION['fname']= $row2['fname'];
						$_SESSION['lname']= $row2['lname'];
						$_SESSION['address']= $row2['address'];
						$_SESSION['phone']= $row2['phone'];
						$_SESSION['mob']= $row2['mob'];
						$_SESSION['username']= $row2['username'];
						$_SESSION['password']= $row2['password'];
						header("Location: user.php"); 
					}
					else
					{ 
						header('Location:login.php?er=1');
					}
				}
			}
			else
				{ 
					header('Location:login.php?er=2');
				}
		}*/

	



	exit;
ob_flush();
?>